actionpack 5.2.4.4 → 6.1.1

data/lib/action_dispatch/middleware/templates/rescues/missing_exact_template.text.erb

@@ -0,0 +1,3 @@
+Missing exact template
+
+<%= @exception.message %>

data/lib/action_dispatch/middleware/templates/rescues/missing_template.html.erb

@@ -5,7 +5,7 @@
 <div id="container">
   <h2><%= h @exception.message %></h2>
 
-  <%= render template: "rescues/_source" %>
-  <%= render template: "rescues/_trace" %>
+  <%= render "rescues/source", source_extracts: @source_extracts, show_source_idx: @show_source_idx %>
+  <%= render "rescues/trace", traces: @traces, trace_to_show: @trace_to_show %>
   <%= render template: "rescues/_request_and_response" %>
 </div>

data/lib/action_dispatch/middleware/templates/rescues/routing_error.html.erb

@@ -14,7 +14,7 @@
     </p>
   <% end %>
 
-  <%= render template: "rescues/_trace" %>
+  <%= render "rescues/trace", traces: @traces, trace_to_show: @trace_to_show %>
 
   <% if @routes_inspector %>
     <h2>

data/lib/action_dispatch/middleware/templates/rescues/template_error.html.erb

@@ -11,10 +11,10 @@
   </p>
   <pre><code><%= h @exception.message %></code></pre>
 
-  <%= render template: "rescues/_source" %>
+  <%= render "rescues/source", source_extracts: @source_extracts, show_source_idx: @show_source_idx %>
 
   <p><%= @exception.sub_template_message %></p>
 
-  <%= render template: "rescues/_trace" %>
+  <%= render "rescues/trace", traces: @traces, trace_to_show: @trace_to_show %>
   <%= render template: "rescues/_request_and_response" %>
 </div>

data/lib/action_dispatch/middleware/templates/rescues/unknown_action.html.erb

@@ -2,5 +2,5 @@
   <h1>Unknown action</h1>
 </header>
 <div id="container">
-  <h2><%= h @exception.message %></h2>
+  <%= render "rescues/message_and_suggestions", exception: @exception %>
 </div>

data/lib/action_dispatch/middleware/templates/routes/_table.html.erb

@@ -49,6 +49,26 @@
     width: 80%;
     font-size: inherit;
   }
+
+  @media (prefers-color-scheme: dark) {
+    body {
+      background-color: #222;
+      color: #ECECEC;
+    }
+
+    #route_table tbody tr:nth-child(odd) {
+      background: #333;
+    }
+
+    #route_table tbody tr:nth-child(even) {
+      background: #444;
+    }
+
+    #route_table tbody.exact_matches,
+    #route_table tbody.fuzzy_matches {
+      color: #333;
+    }
+  }
 <% end %>
 
 <table id='route_table' class='route_table'>
@@ -85,7 +105,7 @@
 </table>
 
 <script type='text/javascript'>
-  // support forEarch iterator on NodeList
+  // support forEach iterator on NodeList
   NodeList.prototype.forEach = Array.prototype.forEach;
 
   // Enables path search functionality
@@ -197,4 +217,7 @@
 
   setupMatchPaths();
   setupRouteToggleHelperLinks();
+
+  // Focus the search input after page has loaded
+  document.getElementById('search').focus();
 </script>

data/lib/action_dispatch/railtie.rb

@@ -21,7 +21,9 @@ module ActionDispatch
     config.action_dispatch.encrypted_signed_cookie_salt = "signed encrypted cookie"
     config.action_dispatch.authenticated_encrypted_cookie_salt = "authenticated encrypted cookie"
     config.action_dispatch.use_authenticated_cookie_encryption = false
+    config.action_dispatch.use_cookies_with_metadata = false
     config.action_dispatch.perform_deep_munge = true
+    config.action_dispatch.request_id_header = "X-Request-Id"
 
     config.action_dispatch.default_headers = {
       "X-Frame-Options" => "SAMEORIGIN",
@@ -37,11 +39,15 @@ module ActionDispatch
     config.eager_load_namespaces << ActionDispatch
 
     initializer "action_dispatch.configure" do |app|
+      ActionDispatch::Http::URL.secure_protocol = app.config.force_ssl
       ActionDispatch::Http::URL.tld_length = app.config.action_dispatch.tld_length
       ActionDispatch::Request.ignore_accept_header = app.config.action_dispatch.ignore_accept_header
       ActionDispatch::Request::Utils.perform_deep_munge = app.config.action_dispatch.perform_deep_munge
-      ActionDispatch::Response.default_charset = app.config.action_dispatch.default_charset || app.config.encoding
-      ActionDispatch::Response.default_headers = app.config.action_dispatch.default_headers
+
+      ActiveSupport.on_load(:action_dispatch_response) do
+        self.default_charset = app.config.action_dispatch.default_charset || app.config.encoding
+        self.default_headers = app.config.action_dispatch.default_headers
+      end
 
       ActionDispatch::ExceptionWrapper.rescue_responses.merge!(config.action_dispatch.rescue_responses)
       ActionDispatch::ExceptionWrapper.rescue_templates.merge!(config.action_dispatch.rescue_templates)

data/lib/action_dispatch/request/session.rb

@@ -99,6 +99,14 @@ module ActionDispatch
         end
       end
 
+      # Returns the nested value specified by the sequence of keys, returning
+      # +nil+ if any intermediate step is +nil+.
+      def dig(*keys)
+        load_for_read!
+        keys = keys.map.with_index { |key, i| i.zero? ? key.to_s : key }
+        @delegate.dig(*keys)
+      end
+
       # Returns true if the session has the given key or false.
       def has_key?(key)
         load_for_read!
@@ -150,7 +158,7 @@ module ActionDispatch
       #   # => {"session_id"=>"e29b9ea315edf98aad94cc78c34cc9b2", "foo" => "bar"}
       def update(hash)
         load_for_write!
-        @delegate.update stringify_keys(hash)
+        @delegate.update hash.stringify_keys
       end
 
       # Deletes given key from the session.
@@ -214,7 +222,6 @@ module ActionDispatch
       end
 
       private
-
         def load_for_read!
           load! if !loaded? && exists?
         end
@@ -226,15 +233,9 @@ module ActionDispatch
         def load!
           id, session = @by.load_session @req
           options[:id] = id
-          @delegate.replace(stringify_keys(session))
+          @delegate.replace(session.stringify_keys)
           @loaded = true
         end
-
-        def stringify_keys(other)
-          other.each_with_object({}) { |(key, value), hash|
-            hash[key.to_s] = value
-          }
-        end
     end
   end
 end

data/lib/action_dispatch/request/utils.rb

@@ -41,6 +41,10 @@ module ActionDispatch
         end
       end
 
+      def self.set_binary_encoding(request, params, controller, action)
+        CustomParamEncoder.encode(request, params, controller, action)
+      end
+
       class ParamEncoder # :nodoc:
         # Convert nested Hash to HashWithIndifferentAccess.
         def self.normalize_encode_params(params)
@@ -51,8 +55,8 @@ module ActionDispatch
             if params.has_key?(:tempfile)
               ActionDispatch::Http::UploadedFile.new(params)
             else
-              params.each_with_object({}) do |(key, val), new_hash|
-                new_hash[key] = normalize_encode_params(val)
+              params.transform_values do |val|
+                normalize_encode_params(val)
               end.with_indifferent_access
             end
           else
@@ -73,6 +77,26 @@ module ActionDispatch
           list
         end
       end
+
+      class CustomParamEncoder # :nodoc:
+        def self.encode(request, params, controller, action)
+          return params unless controller && controller.valid_encoding? && encoding_template = action_encoding_template(request, controller, action)
+          params.except(:controller, :action).each do |key, value|
+            ActionDispatch::Request::Utils.each_param_value(value) do |param|
+              if encoding_template[key.to_s]
+                param.force_encoding(encoding_template[key.to_s])
+              end
+            end
+          end
+          params
+        end
+
+        def self.action_encoding_template(request, controller, action) # :nodoc:
+          request.controller_class_for(controller).action_encoding_template(action)
+        rescue MissingController
+          nil
+        end
+      end
     end
   end
 end

data/lib/action_dispatch/routing.rb

@@ -74,8 +74,8 @@ module ActionDispatch
   # For routes that don't fit the <tt>resources</tt> mold, you can use the HTTP helper
   # methods <tt>get</tt>, <tt>post</tt>, <tt>patch</tt>, <tt>put</tt> and <tt>delete</tt>.
   #
-  #   get 'post/:id' => 'posts#show'
-  #   post 'post/:id' => 'posts#create_comment'
+  #   get 'post/:id', to: 'posts#show'
+  #   post 'post/:id', to: 'posts#create_comment'
   #
   # Now, if you POST to <tt>/posts/:id</tt>, it will route to the <tt>create_comment</tt> action. A GET on the same
   # URL will route to the <tt>show</tt> action.
@@ -83,7 +83,7 @@ module ActionDispatch
   # If your route needs to respond to more than one HTTP method (or all methods) then using the
   # <tt>:via</tt> option on <tt>match</tt> is preferable.
   #
-  #   match 'post/:id' => 'posts#show', via: [:get, :post]
+  #   match 'post/:id', to: 'posts#show', via: [:get, :post]
   #
   # == Named routes
   #
@@ -94,7 +94,7 @@ module ActionDispatch
   # Example:
   #
   #   # In config/routes.rb
-  #   get '/login' => 'accounts#login', as: 'login'
+  #   get '/login', to: 'accounts#login', as: 'login'
   #
   #   # With render, redirect_to, tests, etc.
   #   redirect_to login_url
@@ -120,9 +120,9 @@ module ActionDispatch
   #
   #   # In config/routes.rb
   #   controller :blog do
-  #     get 'blog/show'     => :list
-  #     get 'blog/delete'   => :delete
-  #     get 'blog/edit'     => :edit
+  #     get 'blog/show',    to: :list
+  #     get 'blog/delete',  to: :delete
+  #     get 'blog/edit',    to: :edit
   #   end
   #
   #   # provides named routes for show, delete, and edit
@@ -132,7 +132,7 @@ module ActionDispatch
   #
   # Routes can generate pretty URLs. For example:
   #
-  #   get '/articles/:year/:month/:day' => 'articles#find_by_id', constraints: {
+  #   get '/articles/:year/:month/:day', to: 'articles#find_by_id', constraints: {
   #     year:       /\d{4}/,
   #     month:      /\d{1,2}/,
   #     day:        /\d{1,2}/
@@ -147,7 +147,7 @@ module ActionDispatch
   # You can specify a regular expression to define a format for a parameter.
   #
   #   controller 'geocode' do
-  #     get 'geocode/:postalcode' => :show, constraints: {
+  #     get 'geocode/:postalcode', to: :show, constraints: {
   #       postalcode: /\d{5}(-\d{4})?/
   #     }
   #   end
@@ -156,13 +156,13 @@ module ActionDispatch
   # expression modifiers:
   #
   #   controller 'geocode' do
-  #     get 'geocode/:postalcode' => :show, constraints: {
+  #     get 'geocode/:postalcode', to: :show, constraints: {
   #       postalcode: /hx\d\d\s\d[a-z]{2}/i
   #     }
   #   end
   #
   #   controller 'geocode' do
-  #     get 'geocode/:postalcode' => :show, constraints: {
+  #     get 'geocode/:postalcode', to: :show, constraints: {
   #       postalcode: /# Postalcode format
   #          \d{5} #Prefix
   #          (-\d{4})? #Suffix
@@ -178,13 +178,13 @@ module ActionDispatch
   #
   # You can redirect any path to another path using the redirect helper in your router:
   #
-  #   get "/stories" => redirect("/posts")
+  #   get "/stories", to: redirect("/posts")
   #
   # == Unicode character routes
   #
   # You can specify unicode character routes in your router:
   #
-  #   get "こんにちは" => "welcome#index"
+  #   get "こんにちは", to: "welcome#index"
   #
   # == Routing to Rack Applications
   #
@@ -192,7 +192,7 @@ module ActionDispatch
   # index action in the PostsController, you can specify any Rack application
   # as the endpoint for a matcher:
   #
-  #   get "/application.js" => Sprockets
+  #   get "/application.js", to: Sprockets
   #
   # == Reloading routes
   #
@@ -210,8 +210,8 @@ module ActionDispatch
   # === +assert_routing+
   #
   #   def test_movie_route_properly_splits
-  #    opts = {controller: "plugin", action: "checkout", id: "2"}
-  #    assert_routing "plugin/checkout/2", opts
+  #     opts = {controller: "plugin", action: "checkout", id: "2"}
+  #     assert_routing "plugin/checkout/2", opts
   #   end
   #
   # +assert_routing+ lets you test whether or not the route properly resolves into options.
@@ -219,8 +219,8 @@ module ActionDispatch
   # === +assert_recognizes+
   #
   #   def test_route_has_options
-  #    opts = {controller: "plugin", action: "show", id: "12"}
-  #    assert_recognizes opts, "/plugins/show/12"
+  #     opts = {controller: "plugin", action: "show", id: "12"}
+  #     assert_recognizes opts, "/plugins/show/12"
   #   end
   #
   # Note the subtle difference between the two: +assert_routing+ tests that
@@ -243,8 +243,9 @@ module ActionDispatch
   #
   #   rails routes
   #
-  # Target specific controllers by prefixing the command with <tt>-c</tt> option.
-  #
+  # Target a specific controller with <tt>-c</tt>, or grep routes
+  # using <tt>-g</tt>. Useful in conjunction with <tt>--expanded</tt>
+  # which displays routes vertically.
   module Routing
     extend ActiveSupport::Autoload
 

data/lib/action_dispatch/routing/inspector.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 require "delegate"
-require "active_support/core_ext/string/strip"
+require "io/console/size"
 
 module ActionDispatch
   module Routing
@@ -53,7 +53,7 @@ module ActionDispatch
 
     ##
     # This class is just used for displaying route information when someone
-    # executes `rails routes` or looks at the RoutingError page.
+    # executes `bin/rails routes` or looks at the RoutingError page.
     # People should not use this class.
     class RoutesInspector # :nodoc:
       def initialize(routes)
@@ -61,11 +61,11 @@ module ActionDispatch
         @routes = routes
       end
 
-      def format(formatter, filter = nil)
+      def format(formatter, filter = {})
         routes_to_display = filter_routes(normalize_filter(filter))
         routes = collect_routes(routes_to_display)
         if routes.none?
-          formatter.no_routes(collect_routes(@routes))
+          formatter.no_routes(collect_routes(@routes), filter)
           return formatter.result
         end
 
@@ -81,12 +81,12 @@ module ActionDispatch
       end
 
       private
-
         def normalize_filter(filter)
-          if filter.is_a?(Hash) && filter[:controller]
+          if filter[:controller]
             { controller: /#{filter[:controller].underscore.sub(/_?controller\z/, "")}/ }
-          elsif filter
-            { controller: /#{filter}/, action: /#{filter}/, verb: /#{filter}/, name: /#{filter}/, path: /#{filter}/ }
+          elsif filter[:grep]
+            { controller: /#{filter[:grep]}/, action: /#{filter[:grep]}/,
+              verb: /#{filter[:grep]}/, name: /#{filter[:grep]}/, path: /#{filter[:grep]}/ }
           end
         end
 
@@ -94,7 +94,7 @@ module ActionDispatch
           if filter
             @routes.select do |route|
               route_wrapper = RouteWrapper.new(route)
-              filter.any? { |default, value| route_wrapper.send(default) =~ value }
+              filter.any? { |default, value| value.match?(route_wrapper.send(default)) }
             end
           else
             @routes
@@ -126,62 +126,110 @@ module ActionDispatch
         end
     end
 
-    class ConsoleFormatter
-      def initialize
-        @buffer = []
-      end
+    module ConsoleFormatter
+      class Base
+        def initialize
+          @buffer = []
+        end
 
-      def result
-        @buffer.join("\n")
-      end
+        def result
+          @buffer.join("\n")
+        end
 
-      def section_title(title)
-        @buffer << "\n#{title}:"
-      end
+        def section_title(title)
+        end
 
-      def section(routes)
-        @buffer << draw_section(routes)
-      end
+        def section(routes)
+        end
 
-      def header(routes)
-        @buffer << draw_header(routes)
-      end
+        def header(routes)
+        end
 
-      def no_routes(routes)
-        @buffer <<
-        if routes.none?
-          <<-MESSAGE.strip_heredoc
-          You don't have any routes defined!
+        def no_routes(routes, filter)
+          @buffer <<
+            if routes.none?
+              <<~MESSAGE
+                You don't have any routes defined!
+
+                Please add some routes in config/routes.rb.
+              MESSAGE
+            elsif filter.key?(:controller)
+              "No routes were found for this controller."
+            elsif filter.key?(:grep)
+              "No routes were found for this grep pattern."
+            end
 
-          Please add some routes in config/routes.rb.
-          MESSAGE
-        else
-          "No routes were found for this controller"
+          @buffer << "For more information about routes, see the Rails guide: https://guides.rubyonrails.org/routing.html."
         end
-        @buffer << "For more information about routes, see the Rails guide: http://guides.rubyonrails.org/routing.html."
       end
 
-      private
-        def draw_section(routes)
-          header_lengths = ["Prefix", "Verb", "URI Pattern"].map(&:length)
-          name_width, verb_width, path_width = widths(routes).zip(header_lengths).map(&:max)
+      class Sheet < Base
+        def section_title(title)
+          @buffer << "\n#{title}:"
+        end
 
-          routes.map do |r|
-            "#{r[:name].rjust(name_width)} #{r[:verb].ljust(verb_width)} #{r[:path].ljust(path_width)} #{r[:reqs]}"
-          end
+        def section(routes)
+          @buffer << draw_section(routes)
+        end
+
+        def header(routes)
+          @buffer << draw_header(routes)
         end
 
-        def draw_header(routes)
-          name_width, verb_width, path_width = widths(routes)
+        private
+          def draw_section(routes)
+            header_lengths = ["Prefix", "Verb", "URI Pattern"].map(&:length)
+            name_width, verb_width, path_width = widths(routes).zip(header_lengths).map(&:max)
+
+            routes.map do |r|
+              "#{r[:name].rjust(name_width)} #{r[:verb].ljust(verb_width)} #{r[:path].ljust(path_width)} #{r[:reqs]}"
+            end
+          end
+
+          def draw_header(routes)
+            name_width, verb_width, path_width = widths(routes)
+
+            "#{"Prefix".rjust(name_width)} #{"Verb".ljust(verb_width)} #{"URI Pattern".ljust(path_width)} Controller#Action"
+          end
+
+          def widths(routes)
+            [routes.map { |r| r[:name].length }.max || 0,
+             routes.map { |r| r[:verb].length }.max || 0,
+             routes.map { |r| r[:path].length }.max || 0]
+          end
+      end
 
-          "#{"Prefix".rjust(name_width)} #{"Verb".ljust(verb_width)} #{"URI Pattern".ljust(path_width)} Controller#Action"
+      class Expanded < Base
+        def initialize(width: IO.console_size[1])
+          @width = width
+          super()
         end
 
-        def widths(routes)
-          [routes.map { |r| r[:name].length }.max || 0,
-           routes.map { |r| r[:verb].length }.max || 0,
-           routes.map { |r| r[:path].length }.max || 0]
+        def section_title(title)
+          @buffer << "\n#{"[ #{title} ]"}"
         end
+
+        def section(routes)
+          @buffer << draw_expanded_section(routes)
+        end
+
+        private
+          def draw_expanded_section(routes)
+            routes.map.each_with_index do |r, i|
+              <<~MESSAGE.chomp
+                #{route_header(index: i + 1)}
+                Prefix            | #{r[:name]}
+                Verb              | #{r[:verb]}
+                URI               | #{r[:path]}
+                Controller#Action | #{r[:reqs]}
+              MESSAGE
+            end
+          end
+
+          def route_header(index:)
+            "--[ Route #{index} ]".ljust(@width, "-")
+          end
+      end
     end
 
     class HtmlTableFormatter
@@ -203,16 +251,16 @@ module ActionDispatch
       end
 
       def no_routes(*)
-        @buffer << <<-MESSAGE.strip_heredoc
+        @buffer << <<~MESSAGE
           <p>You don't have any routes defined!</p>
           <ul>
             <li>Please add some routes in <tt>config/routes.rb</tt>.</li>
             <li>
               For more information about routes, please see the Rails guide
-              <a href="http://guides.rubyonrails.org/routing.html">Rails Routing from the Outside In</a>.
+              <a href="https://guides.rubyonrails.org/routing.html">Rails Routing from the Outside In</a>.
             </li>
           </ul>
-          MESSAGE
+        MESSAGE
       end
 
       def result